Overview

overview

10

Static

static

3

bbb.exe

windows7-x64

3

bbb.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bbb.exe

  • Size

    1.2MB

  • Sample

    250120-jzze5szlex

  • MD5

    00f33641a6c78c9e2330100a28c4a37c

  • SHA1

    31cee3fbe5a130c52145919c4bb903125069fa08

  • SHA256

    4cca8b360d5053a789ea822ab80261dc6f010c1c72b0d449ca8cdcaffd2e2c0a

  • SHA512

    ecfa5076f26ad9f13b23a7bfc78c533eb01c2e6cdf4590fe1cc4790697377b7e3b11c9ed2e5f5b9bd7f5bc6fa104f6ca83145249b159a00c203beb27a6c51f3a

  • SSDEEP

    24576:Cct8/gOkwvlKtq0p/QXA7ipUtHb8Gzg4etPxMLToY9AzqAPWMaGzs1Db:C5YsvCq0pkA7ke4GCITo2ocj1Db

Score
10/10
quasaralinaadiscoveryspywaretrojan

Malware Config

Extracted

Family

quasar

Version

1.3.0.0

Botnet

ALINAA

C2

youtubevideos.duckdns.org:6

Mutex

QSR_MUTEX_c50LUXwDkjFdsHNXKw

Attributes
  • encryption_key

    IyL3NZsArZqP2e5avVTp

  • install_name

    csrssss.exe

  • log_directory

    Logs

  • reconnect_delay

    3000

  • startup_key

    csrsss

  • subdirectory

    microsoftsa

Targets

    • Target

      bbb.exe

    • Size

      1.2MB

    • MD5

      00f33641a6c78c9e2330100a28c4a37c

    • SHA1

      31cee3fbe5a130c52145919c4bb903125069fa08

    • SHA256

      4cca8b360d5053a789ea822ab80261dc6f010c1c72b0d449ca8cdcaffd2e2c0a

    • SHA512

      ecfa5076f26ad9f13b23a7bfc78c533eb01c2e6cdf4590fe1cc4790697377b7e3b11c9ed2e5f5b9bd7f5bc6fa104f6ca83145249b159a00c203beb27a6c51f3a

    • SSDEEP

      24576:Cct8/gOkwvlKtq0p/QXA7ipUtHb8Gzg4etPxMLToY9AzqAPWMaGzs1Db:C5YsvCq0pkA7ke4GCITo2ocj1Db

    Score
    10/10
    discoveryquasaralinaaspywaretrojan

    • Quasar RAT

      Quasar is an open source Remote Access Tool.

      trojanspywarequasar

    • Quasar family

      quasar

    • Quasar payload

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks